- How To Protect SSH with Fail2Ban on Debian 11
Check whether installed.
systemctl status fail2ban
Installed, but fail2ban not active or running
systemctl start fail2ban systemctl enable fail2ban
To fail2ban error fix
fail2ban-client start
Installing Fail2ban, if not installed
sudo apt update
sudo apt install fail2ban
Check installation status
systemctl status fail2ban.service
Configuring Fail2ban
Configuration files of fail2ban service is in the /etc/fail2ban directory. There is a file with defaults called jail.conf. In this tutorial, you’ll create jail.local by copying jail.conf
cd /etc/fail2ban
sudo cp jail.conf jail.local
Now you can configure as per requirements
sudo vi jail.local
You can set bantime, findtime, maxretry and you can set destemail to receive email alert.
Individual Jail Settings
vi /etc/fail2ban/jail.local
By default, the SSH service is enabled and all others are disabled.
enabled = true
After configuring all restart
sudo systemctl restart fail2ban
Ignore IP
ignoreip